Adobe Reader Javascript vulnerability

http://www.kb.cert.org/vuls/id/508357

"The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a
use-after-free vulnerability, which may allow a remote, unauthenticated
attacker to execute arbitrary code on a vulnerable system."

There is currently no solution to this issue. The following workarounds
are suggested.

- Disable JavaScript in Reader/Acrobat
- Prevent Internet Explorer from automatically opening PDF documents
- Disable the displaying of PDF documents in the web browser
- Block the use of the Doc.media.newPlayer method
- Enable DEP in Windows (reduces DoS threat)

For more information, see this post from Adobe:

http://www.adobe.com/support/security/advisories/apsa09-07.html